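Naxsi is a third-party module for Nginx that provides front-end protection for Nginx. It is a lightweight web application firewall and is fairly easy to use.
Official site and download address: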
https://github.com/nbs-system/naxsi/releases
Extract the archive:
tar zxvf naxsi-0.56rc1.tar.gz
Recompile nginx with naxsi built in:
./configure --prefix=/usr/local/nginx --add-module=/root/nginx-1.13.9/naxsi-0.56rc1/naxsi_src --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_image_filter_module --with-http_slice_module --with-mail --with-threads --with-file-aio --with-stream --with-mail_ssl_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-pcre --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module && make
Overwrite the old nginx binary with the newly built one:
cp objs/nginx /usr/local/nginx/sbin/nginx
Create a naxsi rules file in the conf directory:
vi naxsi.rules
#LearningMode; #Enables learning mode
SecRulesEnabled;
#SecRulesDisabled;
DeniedUrl "/RequestDenied";
## check rules
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
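In the nginx.conf configuration file:
location / {
    root html;
    index index.html index.htm;
    include naxsi.rules;
}
For example, the rules file only needs to be placed in nginx's conf directory, because include resolves relative paths against it.
Configure nginx.conf as follows: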
server {
    listen 80;
    server_name www.hqssjt.cn;
    charset utf-8;
    # Note: the http {} block must also include naxsi_core.rules (shipped in naxsi_config/
    # of the source tarball); without the core MainRules no score is ever raised.
    location / {
        root /usr/local/nginx/html;
        index index.html index.htm;
        expires 30d; # browser cache
        include naxsi.rules; # WAF firewall
    }
    location /RequestDenied {
        return 403;
    }
    error_page 403 /403.html;
    location = /403.html {
        root /usr/local/nginx/html;
    }
    # Specify the 404 error page
    error_page 404 500 502 503 504 /404.html;
    location = /404.html {
        root /usr/local/nginx/html;
    }
}
Check the configuration file, then reload:
/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
/usr/local/nginx/sbin/nginx -s reload
Simulate an attack and check the error log.
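To read what Naxsi writes to the error log, the following added example (not part of the original post or of the Naxsi project) parses NAXSI_FMT lines and reports which of the CheckRule thresholds from naxsi.rules above were reached. It assumes the key=value NAXSI_FMT layout documented by Naxsi; the function names are hypothetical and the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl

# Thresholds copied from the CheckRule lines in naxsi.rules above.
CHECK_RULES = {"$SQL": 8, "$RFI": 8, "$TRAVERSAL": 4, "$EVADE": 4, "$XSS": 8}
FMT_RE = re.compile(r"NAXSI_FMT: (.*?)(?:, client: |$)")

def _indexed(fields, *keys):
    """Yield (key0, ...), (key1, ...) tuples until the first key runs out."""
    i = 0
    while f"{keys[0]}{i}" in fields:
        yield tuple(fields.get(f"{k}{i}", "") for k in keys)
        i += 1

def parse_naxsi_fmt(line):
    """Summarise one NAXSI_FMT error.log line; return None for other lines."""
    m = FMT_RE.search(line)
    if not m:
        return None
    fields = dict(parse_qsl(m.group(1), keep_blank_values=True))
    # cscoreN/scoreN carry the per-category totals that CheckRule compares.
    scores = {c: int(s or 0) for c, s in _indexed(fields, "cscore", "score")}
    return {
        "ip": fields.get("ip"),
        "uri": fields.get("uri"),
        "learning": fields.get("learning") == "1",  # logged but not blocked
        "scores": scores,
        # idN/zoneN/var_nameN list each matched rule and where it matched.
        "matches": [(z, int(r), v) for r, z, v in _indexed(fields, "id", "zone", "var_name")],
        "tripped": sorted(c for c, s in scores.items()
                          if s >= CHECK_RULES.get(c, float("inf"))),
    }

def summarize(lines):
    """Keep only the lines Naxsi wrote, parsed."""
    return [e for e in map(parse_naxsi_fmt, lines) if e]

# Constructed sample lines (hypothetical addresses and host, not real captures).
SAMPLE_LOG = [
    '2018/03/20 10:00:01 [error] 1234#0: *7 NAXSI_FMT: ip=192.0.2.10&server=www.example.test&uri=/index.html&learning=0&vers=0.56&total_processed=12&total_blocked=1&block=1&cscore0=$SQL&score0=8&cscore1=$XSS&score1=8&zone0=ARGS&id0=1001&var_name0=q, client: 192.0.2.10, server: www.example.test',
    '2018/03/20 10:00:03 [error] 1234#0: *8 NAXSI_FMT: ip=192.0.2.11&server=www.example.test&uri=/download&learning=1&vers=0.56&total_processed=13&total_blocked=1&block=0&cscore0=$TRAVERSAL&score0=4&zone0=ARGS&id0=1200&var_name0=file, client: 192.0.2.11, server: www.example.test',
    '2018/03/20 10:00:05 [error] 1234#0: *9 open() "/usr/local/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.0.2.12',
]

if __name__ == "__main__":
    for e in summarize(SAMPLE_LOG):
        mode = "learning, not blocked" if e["learning"] else "blocked"
        print(e["ip"], e["uri"], e["scores"], "tripped:", e["tripped"], mode)
```

Rule ids that show up repeatedly for legitimate traffic are the candidates for whitelisting before LearningMode is turned off.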
The Naxsi WAF is now configured successfully.